CVE-2004-0944 in ICPinfo

Summary

The web management interface for Mitel 3300 Integrated Communications Platform (ICP) before 4.2.2.11 generates easily predictable web session IDs, which allows remote attackers to hijack other sessions via the parentsessionid cookie.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

10/12/2004

Disclosure

02/28/2004

Moderation

VulDB entry created

Entries

VDB-21597 (1)

CPE

ready

CWE

CWE-287 (Confirmed)

CVSS

5.3

EPSS

0.00443

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-0944
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0944
CVE Details	https://www.cvedetails.com/cve/CVE-2004-0944/

◂ Previous Overview Next ▸